Skip to content

Martz91/mcp-sharepoint

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
src/mcp_sharepoint
src/mcp_sharepoint
 
 
.gitignore
.gitignore
 
 
.python-version
.python-version
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
pyproject.toml
pyproject.toml
 
 

Repository files navigation

SharePoint MCP Server

License: MIT

Forked to add certificate authentication as SharePoint Online only supports OAuth 2.0 Client Credentials Flow with Certificate-Based Authentication for Application Permissions. Ultimately the goal is to add support for delegated permissions, so the users identity can be passed from the llm-UI to the mcp (OBO).

A lightweight MCP Server for seamless integration with Microsoft SharePoint, enabling MCP clients to interact with documents, folders and other SharePoint resources. Developed by sofias tech.

SharePoint Server MCP server

Features

This server provides a clean interface to SharePoint resources through the Model Context Protocol (MCP), with optimized operations for document management.

Tools

The server implements the following tools:

  • List_SharePoint_Folders: Lists all folders in a specified directory or root
  • List_SharePoint_Documents: Fetches all documents within a specified folder
  • Get_Document_Content: Retrieves the content of a document (as text or base64-encoded binary)
  • Create_Folder: Creates a new folder in the specified directory or root
  • Upload_Document: Uploads a new document to a specified folder
  • Upload_Document: Uploads large documents from path.
  • Update_Document: Updates the content of an existing document
  • Delete_Document: Removes a document from a specified folder
  • Delete_Folder: Deletes an empty folder from SharePoint

Architecture

The server is built with resource efficiency in mind:

  • Efficient SharePoint API usage with selective property loading
  • Error handling through decorators for cleaner code
  • Clear separation between resource management and tool implementation
  • Optimized content handling for both text and binary files

Setup

  1. Register an app in Azure AD with appropriate SharePoint permissions
  2. Obtain the client ID and client secret for the registered app
  3. Identify your SharePoint site URL and the document library path you want to work with

Environment Variables

The server requires these environment variables:

  • SHP_ID_APP: Your Azure AD application client ID
  • SHP_SITE_URL: The URL of your SharePoint site
  • SHP_DOC_LIBRARY: Path to the document library (default: "Shared Documents/mcp_server")
  • SHP_TENANT_ID: Your Microsoft tenant ID
  • SHP_ID_APP_SECRET: Your Azure AD application client secret
  • SHP_CERT_PATH: Path to the .pem file of the private key on your machine
  • SHP_CERT_THUMBPRINT: Thumbprint of the public key uploaded to the azure app registration
  • SHP_CERT_PASSWORD: Optional passphrase if the private key is encrypted

Either SHP_ID_APP_SECRET or SHP_CERT_PATH must be set. If both are set, SHP_CERT_PATH is prefered and certificate based authentication is performed.

Quickstart

Installation

pip install -e .

Or install from PyPI once published:

pip install mcp-sharepoint-server

Using uv:

uv pip install mcp-sharepoint-server

Claude Desktop Integration

To integrate with Claude Desktop, update the configuration file:

On Windows: %APPDATA%/Claude/claude_desktop_config.json On macOS: ~/Library/Application\ Support/Claude/claude_desktop_config.json

Standard Integration

"mcpServers": {
  "sharepoint": {
    "command": "mcp-sharepoint",
    "env": {
      "SHP_ID_APP": "your-app-id",
      "SHP_ID_APP_SECRET": "your-app-secret",
      "SHP_SITE_URL": "https://your-tenant.sharepoint.com/sites/your-site",
      "SHP_DOC_LIBRARY": "Shared Documents/your-folder",
      "SHP_TENANT_ID": "your-tenant-id"
    }
  }
}

Using uvx

"mcpServers": {
  "sharepoint": {
    "command": "uvx",
    "args": [
      "mcp-sharepoint"
    ],
    "env": {
      "SHP_ID_APP": "your-app-id",
      "SHP_ID_APP_SECRET": "your-app-secret",
      "SHP_SITE_URL": "https://your-tenant.sharepoint.com/sites/your-site",
      "SHP_DOC_LIBRARY": "Shared Documents/your-folder",
      "SHP_TENANT_ID": "your-tenant-id"
    }
  }
}

Using vscode

Create a folder .vscode in your workspace and add a mcp.json file with the following content:

{
	"servers": {
		"sharepoint-mcp-server": {
			"type": "stdio",
			"command": "python",
			"args": [
				"-m",
				"mcp_sharepoint"
			],
            "env": {
                "PYTHONPATH": "path_to_your_workspace/mcp-sharepoint/src",
                "SHP_ID_APP": "your-app-id",
                "SHP_CERT_PATH": "path-to-private-key-pem",
                "SHP_CERT_PASSWORD": "",
                "SHP_SITE_URL": "https://your-tenant.sharepoint.com/sites/your-site",
                "SHP_DOC_LIBRARY": "Shared Documents",
                "SHP_TENANT_ID": "your-tenant-id",
                "SHP_CERT_THUMBPRINT": "public-key-thumbprint"
			}
		}
	},
	"inputs": []
}

Development

Requirements

  • Python 3.10+
  • Dependencies listed in requirements.txt and pyproject.toml

Local Development

  1. Clone the repository
  2. Create a virtual environment: 
    python -m venv .venv
source .venv/bin/activate  # On Windows: .venv\Scripts\activate
  3. Install development dependencies: 
    pip install -e .
  4. Create a .env file with your SharePoint credentials: 
    SHP_ID_APP=your-app-id
SHP_SITE_URL=https://your-tenant.sharepoint.com/sites/your-site
SHP_DOC_LIBRARY=Shared Documents/your-folder
SHP_TENANT_ID=your-tenant-id
SHP_CERT_PATH="path/to/private_key.pem"
SHP_CERT_PASSWORD=""
SHP_CERT_THUMBPRINT = "public-key-thumbprint"
  5. Run the server: 
    python -m mcp_sharepoint

Debugging

For debugging the MCP server, you can use the MCP Inspector:

npx @modelcontextprotocol/inspector -- python -m mcp_sharepoint

Creating the certificates

You can use this sample script to create the certificates. Upload the public key to the Azure app registration.

import os
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.hazmat.primitives import hashes
from cryptography.x509.oid import NameOID
from cryptography import x509
from datetime import datetime, timedelta

# Settings
KEY_FILE = "sp_app_private_key.pem"
CERT_FILE = "sp_app_cert.pem"
KEY_SIZE = 2048
VALID_DAYS = 365 * 3  # 3 years

# Generate private key
private_key = rsa.generate_private_key(
    public_exponent=65537,
    key_size=KEY_SIZE
)

# Write private key to PEM file
with open(KEY_FILE, "wb") as f:
    f.write(private_key.private_bytes(
        encoding=serialization.Encoding.PEM,
        format=serialization.PrivateFormat.PKCS8,
        encryption_algorithm=serialization.NoEncryption()
    ))
print(f"Private key saved to {KEY_FILE}")

# Generate self-signed certificate
subject = issuer = x509.Name([
    x509.NameAttribute(NameOID.COMMON_NAME, u"SharePoint App Cert")
])
cert = x509.CertificateBuilder().subject_name(
    subject
).issuer_name(
    issuer
).public_key(
    private_key.public_key()
).serial_number(
    x509.random_serial_number()
).not_valid_before(
    datetime.utcnow()
).not_valid_after(
    datetime.utcnow() + timedelta(days=VALID_DAYS)
).add_extension(
    x509.BasicConstraints(ca=False, path_length=None), critical=True,
).sign(private_key, hashes.SHA256())

# Write certificate to PEM file
with open(CERT_FILE, "wb") as f:
    f.write(cert.public_bytes(serialization.Encoding.PEM))
print(f"Certificate saved to {CERT_FILE}")

# Print thumbprint (Base64Url, no colons)
thumbprint = cert.fingerprint(hashes.SHA1()).hex()
print(f"SHA-1 Thumbprint (hex): {thumbprint}")

License

This project is licensed under the MIT License - see the LICENSE file for details.

Copyright (c) 2025 sofias tech

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%